tag:www.schneier.com,2015:/blog//2/tag:www.schneier.com,2008:/blog//2.2393-2015-05-13T03:17:50ZComments for Laptop with Trusted Traveler Identities StolenA blog covering security and security technology.Movable Typetag:www.schneier.com,2008:/blog//2.2393-comment:300197Comment from Dilbert Reader on 2008-08-24Dilbert Reader
Dilbert has a solution for this kind of problem: http://dilbert.com/dyn/str_strip/000000000/00000000/0000000/000000/20000/2000/200/21701/21701.strip.print.gif]]>
2008-08-24T11:32:18Z2008-08-24T11:32:18Ztag:www.schneier.com,2008:/blog//2.2393-comment:296037Comment from Anonymous on 2008-08-11Anonymous
InfoWorld has a story on someone "Flying to Defcon with no ID". Her biggest problem appears to have been that she wasn't able to get a beer on the plane.

]]>
2008-08-11T17:35:44Z2008-08-11T17:35:44Ztag:www.schneier.com,2008:/blog//2.2393-comment:295474Comment from kev.schu on 2008-08-08kev.schu
Uh, so i might just not have all the data on this clear pass thing, but what it seems like so far is no one is getting the idea that i am. It seems the creaters of "clear pass" are profiting off of our countries fear of terrorism. "ok, so, we put TSA in all airports, do crazy checks on everything, this creates long, crappy lines, and then we offer the ability to skip all of this for $100". Also, from what it looks like, anyone with $100 isn't a terrorist.]]>
2008-08-09T02:57:28Z2008-08-09T02:57:28Ztag:www.schneier.com,2008:/blog//2.2393-comment:294980Comment from ElectronicMessiah on 2008-08-06ElectronicMessiah
Hmmm...we lost your info...no! we found it (hahaha). Maybe the TSA didn't have the $330,000.00 to refund to everyone signed up. This is a sham and conspiracy, people. It's to avoid a class action suit.]]>
2008-08-07T01:54:57Z2008-08-07T01:54:57Ztag:www.schneier.com,2008:/blog//2.2393-comment:294978Comment from Skeptical on 2008-08-06Skeptical
I suspect that Clear saw their business about to evaporate when the TSA suspended the program, and 'found' the laptop as quickly as possible. If the data was encrypted, the program wouldn't have been suspended to begin with.

Yet another reason to not use this program. If your driver's license number is stolen get a new one. It's a bit harder for a fingerprint or iris.

]]>
2008-08-07T01:45:40Z2008-08-07T01:45:40Ztag:www.schneier.com,2008:/blog//2.2393-comment:294972Comment from Mr. Phelps, I.M.F. on 2008-08-06Mr. Phelps, I.M.F.
Your Mission is to remove, copy, selectively alter, and replace the laptop and its data without being intercepted.
As always, if you are captured, the Secretary will deny all knowledge of your activities.]]>
2008-08-07T00:51:41Z2008-08-07T00:51:41Ztag:www.schneier.com,2008:/blog//2.2393-comment:294925Comment from Dave on 2008-08-06Dave
The real question here has nothing to do with the Clear programme, or the fact that the laptop went "missing." The real question is why this information is on a laptop in the first place. I can think of no reason other than pure laziness that actual live data is allowed to be taken on a laptop, instead of left in a database (on a server) where it belongs.

I can guarantee that the TSA sop that uses that laptop isn't doing anything with that data that can't be done with dummy data. Just one man's opinion.

]]>
2008-08-06T21:27:17Z2008-08-06T21:27:17Ztag:www.schneier.com,2008:/blog//2.2393-comment:294866Comment from Jason on 2008-08-06Jason
The article previously referenced by Anonymous (http://www.theinquirer.net/gb/inquirer/news/2008/08/06/stolen-laptop-traveler-ids) implies that the laptop was indeed missing and that it was later returned to the same spot from which it was taken.
Maybe customs wanted to try out some of their new drive-mirroring n' cracking tools on it.]]>
2008-08-06T17:26:50Z2008-08-06T17:26:50Ztag:www.schneier.com,2008:/blog//2.2393-comment:294855Comment from RSaunders on 2008-08-06RSaunders
@Anonymous

Just because the PR people who put up the web page think attributing those words to the CEO is the best marketing message does not change my opinion. When you say "it seems that they are indeed positioning themselves to sell security" my reaction is that talking all patriotic about security isn't actually selling security. Lots of folks claim their proprietary super sneaky encryption tool is secure. Web site claims aren't really facts.

]]>
2008-08-06T16:21:37Z2008-08-06T16:21:37Ztag:www.schneier.com,2008:/blog//2.2393-comment:294840Comment from Pip on 2008-08-06Pip
"It's not so much a security issue as a violation of personal information," said TSA spokesman Nico Melendez. -- Dear TSA, why is someone's personal information NOT a security issue?]]>
2008-08-06T15:54:57Z2008-08-06T15:54:57Ztag:www.schneier.com,2008:/blog//2.2393-comment:294837Comment from mwhelan on 2008-08-06mwhelanhttp://pcsecurityblog.beachheadsolutions.com
when the physical security of airline passengers is at stake, wouldn't it be a good idea to have a Plan B that gives an agency the option to destroy data if a breach is suspected? If that laptop hadn't turned up, or in the case that the laptop was stolen, breached and returned, the data contained within could make it easier for dangerous people to travel undetected. This puts anyone who travels by plane at risk.

Even full-disk encryption isn't a failsafe. The option to remotely destroy data seems like a reasonable one when it comes to people's lives.

They aren't selling security. They are selling the elimination of other people from the queue in front of you. That's not a security function, it's a time-waste reducing function.

indeed most people who understand security feel this way, but if you check out the CEO's message at www.flyclear.com:

I started Verified Identity Pass with a simple idea: In the post 9-11 era we have to take new measures to protect ourselves yet not destroy our way of life by strangling the free flow of people and commerce. Somehow, we have to find common sense solutions that don't make everyone a suspect and create security bottlenecks everywhere we go. To be blunt, that means we need a fair, sensible way not to treat everyone the same when it comes to terrorism protection.

Because when it comes to security at an airport or any place else, we have to think about how we allocate scarce resources and time.

Security experts call this idea "risk management," by which they mean they concentrate more on greater threats and less on lesser threats. It does not mean risk elimination. Just because someone has no record of being a threat doesn't mean they might not suddenly become one (which is why you'll still go through the metal detector.)

At Clear, we see ourselves, first and foremost, as exactly that kind of common-sense risk management solution to the security bottlenecks that are the by-product of the post-September 11 world.

it seems that they are indeed positioning themselves to sell security.

]]>
2008-08-06T15:34:50Z2008-08-06T15:34:50Ztag:www.schneier.com,2008:/blog//2.2393-comment:294833Comment from JohnnyX on 2008-08-06JohnnyX
take a read through FlyClear/Clear/Verified Identity Pass privacy policy.

having an unencrypted laptop seems to be in direct violation of their own privacy policy. the Chief Privacy Officer and CEO seem to welcome e-mail about a wide variety of topics. i recommend looking over their website and culling the addresses and asking them directly about this incident. i think i am going to.

i will be very curious on their response.

just out of curiousity, are there any readers of these comments who are enrolled in this or a competing program?

]]>
2008-08-06T15:29:59Z2008-08-06T15:29:59Ztag:www.schneier.com,2008:/blog//2.2393-comment:294788Comment from Life without encryption on 2008-08-06Life without encryption
I've lost the nuclear launch codes! Someone simply took them when I fell asleep at work!
We're all doomed!!!

Oh, wait ... no, here they are.
I just misplaced them.
False alarm.
Everyone go back to what you were doing.

]]>
2008-08-06T12:23:44Z2008-08-06T12:23:44Ztag:www.schneier.com,2008:/blog//2.2393-comment:294783Comment from Jeremy Duffy on 2008-08-06Jeremy Duffyhttp://www.jeremyduffy.com
So now that their information has been compromised, does that mean they have to be added to the terrorist watchlist instead?

That's irony for you. I hope they get a refund at least.

]]>
2008-08-06T12:06:57Z2008-08-06T12:06:57Ztag:www.schneier.com,2008:/blog//2.2393-comment:294780Comment from Nick Lancaster on 2008-08-06Nick Lancaster
A latop is reported stolen. It is assumed that someone broke into the office.

But if the laptop was never missing, were there still signs that the office had been broken into? What, then, was taken? Did the police investigate the crime scene?

If the laptop was assigned to a single person, how did they manage to misplace it? If assigned to a group of people, why are there not check in/out procedures to be followed?

"We found it, everything's okay," sounds nice, but it raises other questions.

]]>
2008-08-06T11:54:06Z2008-08-06T11:54:06Ztag:www.schneier.com,2008:/blog//2.2393-comment:294776Comment from Sparky on 2008-08-06Sparky
indeed, it is rather sad that many people, even those who ought to know, think that just because they can't login in windows without the proper password, nobody else in this world can. That it is even possible, let alone very easy, to pull the drive and read it in another machine, is completely beyond them. Most people don't actually realize that computers are designed by people, to them, it's nothing but a box of black magic.

The problem with all this is, that most people don't even understand that a problem exists, let alone understand the details and a solution (like encryption). The question is, should the masses be educated, and who should do that?

Re: According to them, the laptop also "required two passwords" to access the data.

You can simulate this double-secret security on your own laptop. When logging on, you type the first part of the password, a colleague types the second part, and you press Enter. For the lost laptop, these parts would be "password" and "1" respectively.

]]>
2008-08-06T11:15:51Z2008-08-06T11:15:51Ztag:www.schneier.com,2008:/blog//2.2393-comment:294766Comment from Anonymous on 2008-08-06Anonymous
Laptop found: http://www.theregister.co.uk/2008/08/05/missing_laptop/]]>
2008-08-06T10:34:19Z2008-08-06T10:34:19Ztag:www.schneier.com,2008:/blog//2.2393-comment:294750Comment from 2Federalist on 2008-08-062Federalist
Averros, well the gov is NOT the enemy of decent people, just the government that has been in place since the cold war ended.
Boil a frog slowly, thats been the long plan.
The government, while funny and wastefull, keeps faction fighting faction, and hopefully a sytong push to something like a middle. Only 'justice' that stays long term.
Optimization is the root of all evil, get rid of the gov or strip it away, and you got serious evil.
Read the Federalist, and Democracy in America, still VERY critical today.
Real great minds are correct and proper leaders. Sadly today things are a bit more __________ [fill in whatever you like]
Thankfully, USA promotes or tolerates ideas and debate, like this website, that help steer the path to righteousness.]]>
2008-08-06T09:12:10Z2008-08-06T09:12:10Ztag:www.schneier.com,2008:/blog//2.2393-comment:294735Comment from Sparky on 2008-08-06Sparky
Yes, it's rather convenient that somebody just walked into that room it just happened to be back on the table where it belonged.

They might find traces of activity if the machine has been turned on since it went missing, but anyone remotely competent could just take out the drive and copy it in another machine, leaving no traces unless there was some sort of seal on the drive bay. Alternatively, one could boot from a live-linux CD or something, and copy everything over a network without leaving any traces at all.

There is absolutely no point in having this data on a laptop, since UMTS and GPRS access are dirt cheap these days, and most of the time, it will probably be in range of a wireless network anyway. Just make sure you use a properly encrypted and authenticated tunnel, and only send data to the server for storage and verification, instead of sending the stored data from the server to the client.

]]>
2008-08-06T07:35:08Z2008-08-06T07:35:08Ztag:www.schneier.com,2008:/blog//2.2393-comment:294729Comment from averros on 2008-08-06averros
"None of this is security. Absolutely none of it."

Of course, it is not. It is called "racket" and is the only business of all governments since antiquity.

The naivete of Western people (including some of the most intelligent people - this is a compliment, Bruce) is truly amazing. What a discovery - the government doesn't care about anything but the good of its bureaucrats. Most children in the USSR knew that by about the time they went to school.

Now, how about growing up and finally accepting the fact that the government is the enemy of any decent person?

A statement by the Clear company said that "names, addresses and driver's license or passport numbers" were on the laptop.

According to them, the laptop also "required two passwords" to access the data.

This is undoubtedly what the happy smiley Clear reps were trying to tell me when they said "double-encryption" was in place so no need to worry.

Whew. Two passwords on a laptop.

Perhaps most amazing of all is that TSA ever let the program start without any requirement or compliance standard for information security.

What do you need to do to start your own Clear-like program?

Perhaps you can just buy a laptop, put a few kiosks in an airport, setup a webpage with marketing material about privacy and you're good to go? Was there a giant lobby fee or maybe some campaign contributions required?

Like most things in the Bush Administration, there is some kind of weird secrecy around the origins of this private-public arrangement. This is the best and only detail I could find:

"Interested parties must describe in their response how they would provide program management, biometric capabilities, tactical operations and systems integration support. TSA plans to award the final contract in early June."

]]>
2008-08-06T03:54:38Z2008-08-06T03:54:38Ztag:www.schneier.com,2008:/blog//2.2393-comment:294683Comment from Andre LePlume on 2008-08-05Andre LePlume
To the many who are wondering why the data need to be on the laptop (rather than on a server, etc.): the assertion I read is that having the data local makes signing people up in areas w/out network connectivity (such as a company cafeteria) easier.

How nice.

I suppose they just signed up 33,000 people in a really big cafeteria, then? Or could it be that the entire architecture is friggin' brain-damaged from the get go?

]]>
2008-08-06T02:56:46Z2008-08-06T02:56:46Ztag:www.schneier.com,2008:/blog//2.2393-comment:294678Comment from 2FunnyGovHealthCare on 2008-08-052FunnyGovHealthCare
TSA is funny. USA gov handling of 9/11 is funny. Pathetic == funny, because thats all we got for ~1 Trillion dollars.
Leadership of W and others is quite funny as well. Oh well.

Do you want to trust your government with your healthcare?

Democrats are also setting up some BAD police style stuff, while pointing the finger at Republican abuses, classic Soviet Union revolution style.

Enjoy the drama today, it really is funny.

]]>
2008-08-06T02:35:17Z2008-08-06T02:35:17Ztag:www.schneier.com,2008:/blog//2.2393-comment:294675Comment from David Keech on 2008-08-05David Keechhttp://www.ladadadada.net
Clearly, all the names of the people whose information was on this laptop need to go on the no-fly list now.

That way, two ridiculous, pointless, expensive programs can be rendered completely and publicly useless in one swift action.

Yeah I was wondering the same thing. Why put such data on an easily removed piece of equipment. I would have thought they would put it into a server and bolt it to the floor. Though, more surprising, is that its not the US govt. that is handling this- but an outside company (ok maybe not so surprising, but upsetting).

]]>
2008-08-05T23:40:18Z2008-08-05T23:40:18Ztag:www.schneier.com,2008:/blog//2.2393-comment:294646Comment from peri on 2008-08-05peri
What I don't get is why people need to copy a database to their laptop. I know databases can serve information over a network and internet connectivity is fairly ubiquitous. So what are all these databases with sensitive information doing on people's laptops?]]>
2008-08-05T23:32:18Z2008-08-05T23:32:18Ztag:www.schneier.com,2008:/blog//2.2393-comment:294641Comment from Anonymous on 2008-08-05Anonymous
"officials are working to determine whether any of the data was compromised"

How would they be able to tell?

If I copy the files for off-line cracking, no trace of the copying is left on the original disk.

After all, this is fundamental to computer forensics: always copy, never modify the original.

]]>
2008-08-05T23:07:03Z2008-08-05T23:07:03Ztag:www.schneier.com,2008:/blog//2.2393-comment:294637Comment from Kashmarek on 2008-08-05Kashmarek
So it disappeared a week ago and they only told people about it today? Then found it the same day everyone was told!

]]>
2008-08-05T22:34:56Z2008-08-05T22:34:56Ztag:www.schneier.com,2008:/blog//2.2393-comment:294635Comment from cmos on 2008-08-05cmosTHEY FOUND IT!!!

Hmmm sounds a bit fishy, no?

]]>
2008-08-05T22:33:50Z2008-08-05T22:33:50Ztag:www.schneier.com,2008:/blog//2.2393-comment:294630Comment from Louis on 2008-08-05Louis
about the border patrol finding it...
i doubt that they will find it!!! there to busy trying to keep me from stealing a 3 min 128kbps p.o.s. mp3 that didnt cost any one a dime to make a copy of!!!!

"Under ACTA, border patrol agents will be able to seize peoples ’ laptops, iPods, and other electronics which they suspect contain illegally-obtained media. If the border patrol thinks they've found such media on the devices, they are authorized to DESTROY them at their DISCRETION."

o so kid you have the new hip hop track let me see your 400$ ipod *steps on it* you couldnt have bought that.

]]>
2008-08-05T22:21:00Z2008-08-05T22:21:00Ztag:www.schneier.com,2008:/blog//2.2393-comment:294608Comment from Brian Carnell on 2008-08-05Brian Carnellhttp://brian.carnell.com/
Hmmm..maybe customs seized the laptop. They should check there.]]>
2008-08-05T20:39:44Z2008-08-05T20:39:44Ztag:www.schneier.com,2008:/blog//2.2393-comment:294595Comment from RSaunders on 2008-08-05RSaunders
Did anybody ever find out what "personal data" was on the computer? I thought it was the access control computer, containing the goofy biometric data they use to make sure you're in the program. It's not obvious how to turn a fingerprint hash of retina scan hash into identity theft.

Clear is a membership club, you're buying access to a security line that has fewer people in it. It's not less security cloak-and-dagger, it's just less waiting for the other folks in line to go through the TSA-approved security incantation.

Bruce says "None of this is security" and it's likely Clear would agree. They aren't selling security. They are selling the elimination of other people from the queue in front of you. That's not a security function, it's a time-waste reducing function.

While we might like to see the TSA stop wasting everyone's time, that would be a different blog topic.

It's not terribly expensive, and it doesn't cripple your system performance.

]]>
2008-08-05T20:04:32Z2008-08-05T20:04:32Ztag:www.schneier.com,2008:/blog//2.2393-comment:294589Comment from Bob on 2008-08-05Bob
Ironically enough, the new 'seize-a-laptop' border policy would get someone traveling with double-encrypted data to be stopped at the border...]]>
2008-08-05T19:55:47Z2008-08-05T19:55:47Ztag:www.schneier.com,2008:/blog//2.2393-comment:294586Comment from Alexey on 2008-08-05Alexeyhttp://gaius-julius.livejournal.com
I will be not surprised if most of those tricks explained in the "Airport" novel by Arthur Hailey will work our days.]]>
2008-08-05T19:49:59Z2008-08-05T19:49:59Ztag:www.schneier.com,2008:/blog//2.2393-comment:294582Comment from ace on 2008-08-05ace
why such thing as "trusted traveler" program exists in the first place. smells like privatization of something that is meant to be public good. good software for travel pattern analysis could act on travel records alone to establish one as frequent traveler.]]>
2008-08-05T19:42:06Z2008-08-05T19:42:06Ztag:www.schneier.com,2008:/blog//2.2393-comment:294581Comment from davi ottenheimer on 2008-08-05davi ottenheimerhttp://davi.poetry.org/blog
I just flew through sfo so I walked up and asked the clear reps whether the story was true.suprisingly they were happy to share details to a complete stranger about the incident.

"Oh yes, it was our laptop in the office but there's no need to worry because it is double-encypted."

Oh, double? Not super-size or grande encryption?

I'll spare you the details, but believe me it was funny.

The best part was at the end when they asked me to sign-up for clear today.

Felt like a scene from WallE -- welcome to Buy and Large security.

]]>
2008-08-05T19:38:04Z2008-08-05T19:38:04Ztag:www.schneier.com,2008:/blog//2.2393-comment:294577Comment from marijane on 2008-08-05marijane
This is weird... I'm subscribed to the SFGate Crime RSS feed. In my reader, the story says "TSA: Laptop with Clear applicants' info missing" but when I click on it, I get a story that says "TSA: Laptop with Clear applicants' info found". The CBS 5 story that Bruce links also now indicates the laptop was found.

Interesting that the laptop was found so quickly after the story was published. I also find it interesting that both SFGate and CBS 5 have apparently updated the original news item instead of issuing a new one. I guess the original stories went down the memory hole?

]]>
2008-08-05T19:27:49Z2008-08-05T19:27:49Ztag:www.schneier.com,2008:/blog//2.2393-comment:294572Comment from Mike T on 2008-08-05Mike Thttp://www.macrocosmictech.com/blog
But they said it's protected by two passwords. Aren't BIOS and Windows passwords sufficient for protecting data??]]>
2008-08-05T19:21:34Z2008-08-05T19:21:34Ztag:www.schneier.com,2008:/blog//2.2393-comment:294569Comment from greg on 2008-08-05greg
why the hell is it living on a laptop? it should be on a server somewhere where you have to go through multiple layers of security.]]>
2008-08-05T19:16:44Z2008-08-05T19:16:44Ztag:www.schneier.com,2008:/blog//2.2393-comment:294568Comment from kaszeta on 2008-08-05kaszeta
Interestingly, two months ago when I was at SFO I saw the Clear people doing signups, and actually thought to myself, "that's not a very secure setup they've got. I'm sure that laptop has interesting information on it, like a list of people that won't get as much TSA scrutiny."]]>
2008-08-05T19:16:07Z2008-08-05T19:16:07Ztag:www.schneier.com,2008:/blog//2.2393-comment:294567Comment from Kashmarek on 2008-08-05Kashmarek
That laptop went missing for a reason, presumably to take it somewhere to copy off the data. It was "announced" as returned to take the heat off the vendor (of course, speculation on my part). ]]>
2008-08-05T19:14:48Z2008-08-05T19:14:48Ztag:www.schneier.com,2008:/blog//2.2393-comment:294566Comment from Jacob Appelbaum on 2008-08-05Jacob Appelbaumhttp://www.appelbaum.net
There are now 33,000 people who will be wishing they hadn't given up easy to copy but difficult to change information. Whoops.]]>
2008-08-05T19:13:40Z2008-08-05T19:13:40Ztag:www.schneier.com,2008:/blog//2.2393-comment:294563Comment from Patrick Sweeney on 2008-08-05Patrick Sweeneyhttp://www.blackleafmedia.com/
Absolutely unreal. It's nice to know that they follow security practices lamer than how we handles computers AT MY HOUSE.]]>
2008-08-05T19:11:16Z2008-08-05T19:11:16Ztag:www.schneier.com,2008:/blog//2.2393-comment:294556Comment from derf on 2008-08-05derf
As it was so eloquently put in another forum:
"No wonder they want to seize and inspect people's laptops. They're trying to find their PC!"]]>
2008-08-05T19:03:29Z2008-08-05T19:03:29Ztag:www.schneier.com,2008:/blog//2.2393-comment:294555Comment from LeeH on 2008-08-05LeeH
'...Allison Beer, a spokeswoman for Verified Identity Pass Inc., said the laptop was found tuesday morning in the same secured room at the airport that it went missing from and that officials are working to determine whether any of the data was compromised..'
So...maybe someone took it home to play?]]>
2008-08-05T19:03:03Z2008-08-05T19:03:03Z